package com.envper.security.filter;

import com.envper.mysql.domain.Status;
import com.envper.security.domain.LoginUser;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.jetbrains.annotations.NotNull;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
import org.springframework.web.filter.OncePerRequestFilter;

import java.io.IOException;

@Component
@Slf4j
public class PermissionFilter extends OncePerRequestFilter {
    @Override
    protected void doFilterInternal(HttpServletRequest request, @NotNull HttpServletResponse response, @NotNull FilterChain filterChain) throws ServletException, IOException {
        LoginUser loginUser = (LoginUser) request.getAttribute("loginUser");
//        if(ObjectUtils.isEmpty(loginUser)){
////            throw new MyAccessDeniedException(Status.TOKENEXCEPTION);
//        }else if(!PermUtils.verify(request.getRequestURI(), loginUser.getPermissions())){
////            log.error(request.getRequestURI());
//            log.error("对于来自{}{}的请求,返回{},错误信息为：{}", request.getLocalAddr(), request.getRequestURI(), Status.USERPERMDEFICIENCY.getCode(), Status.USERPERMDEFICIENCY.getMsg());
//            throw new AccessDeniedException("Access Denied due to insufficient permissions");
//        }
        filterChain.doFilter(request, response);
    }
}
